The problems with JNI obfuscation in the Android Operating System
Rick Ramgattie
Derbycon 2015

Code obfuscation is a technique used hide the inner workings of an application. Effective code obfuscation tools hinder reverse engineering efforts. In this talk, I present the problem brought on by the Java Native Interface (JNI) in the process of obfuscating Android applications. I then illustrate how this security leak provides a great way to start reverse engineering. I then end with a few strategies on how to obfuscate Java native functions with the goal of suppressing attempts at reverse engineering the application, and a discussion of the design aspects of JNI that hinder automatic robust obfuscation.

Rick Ramgattie is an Security Analyst Intern for Independent Security
Evaluators (ISE), where he conducts custom security assessments on software products. Mr. Ramgattie is a novice in the art of reverse engineering, and has taken part in application security assessments that have required him to learn about the security involved in mobile applications for the Android operating system. He enjoys cryptography, CTFs, and reading.